City of Dallas ‘Exploring All Options’ to Recover from Ransomware
The City of Dallas is updating citizens on the cyberattack it suffered last week, stating that it is “exploring all options to remediate this incident,” suggesting it might be tempted to pay ransom if necessary.
A week into its run-in with Royal ransomware operators, the city is making progress restoring its systems, but it’s still grappling with the effects of the attack.
Police vehicles aren’t out on calls yet and Computer Assisted Dispatch systems are still being restored, while the OurDallas app and website are still limited in functionality.
Some payment systems are still offline, while many other IT-dependent services are being tested to prevent reinfection when redeployed.
Will the city pay the ransom?
In a bid to offer transparency about the incident, city officials have posted an FAQ to keep citizens abreast of the situation.
For those asking “Will the City pay the ransom?” Dallas officials have the following answer:
“The City is exploring all options to remediate this incident. As this is an ongoing criminal investigation, the City cannot comment on specific details which risk impeding the investigation or exposing vulnerabilities that can be exploited by an attacker.”
The lack of a definite “no” doesn’t necessarily mean the city will cede to the hackers’ demands. However, it might indicate that it is at least considering negotiating with the aggressors in case a decryptor is ultimately necessary to restore critical systems, or to protect citizen data.
No indication that citizen data is at risk
Regarding the possibility of the hackers leaking citizens’ data:
“At this time the City has no indication that customer information such as billing data or personally identifiable information (PII) has been leaked from City systems or databases.”
Should this assumption prove wrong, the city pledges to notify potentially impacted individuals with information and instructions.
As a precaution, the FAQ tells residents to be wary of unsolicited calls from anyone claiming to represent the City of Dallas asking for a payment or personal information.
While not going into specifics, the city is in fact trying to protect citizens from potential spear phishing attacks, or other forms of socially engineered scams.
“Should any individual be contacted by someone claiming to represent the City of Dallas and ask for a payment or personal information, please take note of the number they are calling from and the number they are reaching, then hang up and call the City Department to report,” the FAQ states.
Other questions are brushed off, or even downplayed, with Dallas officials maintaining that the investigation is ongoing so they can’t comment on specifics.
As reported last week, the Royal hacking crew has claimed responsibility for the attack. Royal is believed to be an offshoot of the Conti cybercrime syndicate which closed shop last year as law enforcement began zeroing in on the operation.
Bitdefender Digital Identity Protection scans the web for unauthorized leaks of your personal data, monitoring whether your accounts are exposed and making it easy to take action before disaster strikes.
Bitdefender Identity Theft Protection covers damages and financial loss from identity theft, complete identity theft restoration services, and identity theft insurance up to $2 million.